[Solved] Incoming connection on a router

On a home/office wireless router, do you guys block all incoming connections?
 
Yes, except for a couple of ports I opened for a local Apache and SSH. I also accept some ICMP. But that's about it.

On most SOHO routers this already happens because of NAT, which blocks incoming traffic unless there's a specific forwarding rule.
 
Basically you should block everything by default on all interfaces except loopback (lo0 in FreeBSD) and write specific rules to allow traffic to pass. One thing you shouldn't block if you're hosting services on your hosts is ICMP. ICMP is essential to make the Internet protocols work; without it, things like path MTU discovery won't work and you'll get calls from angry customers asking why they can't reach your site.
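To make the policy in the replies above concrete (default deny on every interface, loopback skipped, NAT for the LAN, a couple of ports opened for SSH and a local web server, and ICMP allowed so that ping and path MTU discovery keep working), here is a pf.conf for a FreeBSD box acting as the SOHO router. This is an added example, not a ruleset posted in the thread; the interface names em0/em1, the 192.168.1.0/24 LAN and the open ports 22 and 80 are assumptions you would adjust to your own setup.

```pf
# Added example, not from the thread. Interface names, LAN prefix and
# open ports are assumptions.
ext_if  = "em0"                 # WAN side (assumed name)
int_if  = "em1"                 # LAN side (assumed name)
lan_net = "192.168.1.0/24"      # assumed LAN prefix
tcp_services = "{ 22, 80 }"     # SSH and the local Apache, as in the replies

# Never filter loopback.
set skip on lo0

# Reassemble fragments arriving from the Internet before filtering.
scrub in on $ext_if all fragment reassemble

# NAT: LAN hosts leave through the router's WAN address.
nat on $ext_if from $lan_net to any -> ($ext_if)

# Default deny on every interface; log what gets dropped.
block log all

# Anything the router or the LAN initiates may go out. The state entry
# created here also admits the reply packets, so no separate inbound
# rule is needed for them.
pass out quick on $ext_if proto { tcp, udp, icmp } from any to any keep state

# Unsolicited inbound from the Internet: only the two published ports.
pass in on $ext_if proto tcp from any to ($ext_if) port $tcp_services keep state

# ICMP we accept without a prior state: echo requests (ping) and
# "destination unreachable / fragmentation needed", which path MTU
# discovery depends on.
pass in on $ext_if inet proto icmp from any to ($ext_if) icmp-type echoreq keep state
pass in on $ext_if inet proto icmp icmp-type unreach code needfrag keep state

# LAN side: hosts may talk to the router and through it.
pass in on $int_if from $lan_net to any keep state
```

Load it with `pfctl -nf /etc/pf.conf` first (the `-n` only parses and reports syntax errors), then `pfctl -f /etc/pf.conf` and `sysctl net.inet.ip.forwarding=1` on the router. Because pf states are floating by default, the state created by the `pass out` rule on em0 also matches the reply as it leaves on em1, so the single `block log all` line is the only place inbound traffic is rejected.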
 
On the OS I'm blocking all incoming traffic (except SSH) and allowing outgoing HTTP, HTTPS, SSMTP, SMTP, FTP, SSH and DNS; that's pretty much it. However, I've got two routers: one is a Netgear running factory firmware because DD-WRT is not supported on that particular model, and the other is a TP-Link running DD-WRT. These two routers are set up like so:
Code:
[MODEM]-->[NETGEAR]-->[TP-Link]-->my PCs.
So, I'm wondering if DD-WRT blocks all incoming by default. The Netgear logs always have 'Attacks <name>' entries such as SYN flood and ACK; I know this happens when downloading a torrent, but sometimes I'm just accessing websites like FreeBSD, YouTube, or my school's site.
Right now I've acquired a Dell Vostro 220s that looks like a perfect candidate for running pfSense. So, which router do you suggest I keep as a backup?
 
Keep the one with third-party firmware. Factory firmware has been shown again and again to have ridiculous security problems, almost without regard to vendor.
 